Consumer Controlled Cloud Based Medical Records

The future has arrived. It is time for cloud based integrated healthcare records and time for the individual consumer to maintain control of their own data. Although challenging and seemingly utopian, such systems could provide uniform privacy and security controls to protect information in a single repository rather than many discreet instances of data stored throughout various healthcare systems.

Patient Medical Records and the Cloud
Public cloud Services provide many benefits and have seen increased use by businesses in recent years. Public cloud services created and managed by third party technology providers offer essential services such as ubiquitous access to data, on demand storage and archiving capabilities, and high availability at a scale and cost that would be difficult for individual organizations to maintain.
However, healthcare has been slow to embrace public cloud services due to concerns over security, privacy and litigation risk. Even as hospitals and other medical operations as well as their clients (the patients themselves) begin to embrace the potential of Electronic Medical Records (EMR), anxiety over the potential negative consequences of the mishandling of patient data, and perceived loss of centralized control have prevented Healthcare providers from taking advantage of Public Cloud Services.
Private clouds, hybrid clouds and community clouds are all good options for using cloud services where privacy is a concern, but each solution must be compliant with regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and The Health Information Technology for Economic and Clinical Health (HITECH) Act.

One Repository for Electronic Medical Records
While the privacy and security of individual’s health records is of primary concern, individual repositories of patient information, fragmented across the Industry, makes the challenge of ensuring appropriate controls more difficult and perhaps ultimately less secure, than a “single” cloud based repository could provide.
The creation of health information exchanges (HIEs) has been underway for some time by various vendors and service providers (Donahue, 2010) with the objective of sharing information between entities. HIEs however, do not address or provide a single source, nor are they designed to. Along with HIEs, Community Health Management Information Systems (CHMISs), Community Health Information Networks (CHINs), and Regional Health Information Organization’s (RHIO) are all examples of programs or models that have tried to address the problem of access to patient data. However, none of these has been a complete success (Vest & Gamm, 2010). All of these solutions leave open the opportunity for inconsistent data across various exchanges, as well as a larger surface area to protect, control, audit and remediate issues over.
A cloud based repository, managed by the government might provide the homogeneity needed to ensure consistent care, security and privacy, while reducing costs and freeing up IT resources at healthcare organizations to focus on implementing and maintaining EMRs that would use the “Public Utility” cloud based data as the source of truth for patient medical records (Vest & Gamm, 2010).

Control of the Medical Record
Whether the patient’s medical record exists in various healthcare systems individual data stores, HIEs or even in a national repository maintained by the Federal Government the critical issue of who “owns” or controls access to the medical record remains a consistent issue. The next major step in electronic health records should be a system that gives the individual access to their own information, along with the ability to approve or reject requests for access to their records. In addition to controlling the access to the information, the ability for the individual to read their own medical records may even encourage them to participate more actively in their own care (Rabin, 2012).

The creation of a national cloud based repository for electronic medical records could potentially provide many benefits for both consumers and providers of healthcare services. There are also significant challenges in creating such a system. Healthcare organizations, along with technology companies should work with Federal and State Governments to design and implement such a system. A national cloud based repository would improve patient care by reducing errors or gaps that may exist in separate healthcare systems records, reduce costs for healthcare organizations by removing the need to maintain their own repositories and to better ensure privacy and security of the information by securing one common system, rather than many disparate ones.